MidnightBSD

Advisories for op5

CVE-2008-5028 MEDIUM

Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote attackers to send commands to the Nagios process, and trigger execution of arbitrary programs by this process, via unspecified HTTP requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
nagios nagios 1.3
nagios nagios 3.0.1
nagios nagios 1.0
nagios nagios 1.1
nagios nagios 2.9
nagios nagios 2.4
nagios nagios 2.0b6
nagios nagios 2.0b3
nagios nagios 2.0b2
nagios nagios 2.2
nagios nagios 3.0
op5 monitor 3.3.3
nagios nagios 2.1
nagios nagios 1.0_b1
op5 monitor 3.0.0
op5 monitor 3.2.4
nagios nagios 1.0b1
nagios nagios 1.4.1
op5 monitor 3.3.1
nagios nagios 2.5
nagios nagios 1.0b4
nagios nagios 2.10
nagios nagios 2.8
nagios nagios 3.0.3
nagios nagios 2.0rc1
nagios nagios 2.0
nagios nagios 1.2
op5 monitor 2.4
nagios nagios 1.0_b3
op5 monitor *
nagios nagios 1.0b5
nagios nagios 1.0b6
nagios nagios 2.3
op5 monitor 2.8
nagios nagios 2.0b1
nagios nagios 2.7
nagios nagios 2.0b4
nagios nagios 2.3.1
nagios nagios 3.0.2
nagios nagios 2.0b5
op5 monitor 3.0
nagios nagios 1.0b3
nagios nagios 1.0_b2
op5 monitor 3.3.2
op5 monitor 3.2
nagios nagios *
op5 monitor 2.6
nagios nagios 1.4
nagios nagios 2.0rc2
nagios nagios 2.11
nagios nagios 1.0b2
CVE-2013-6141 MEDIUM

Unspecified vulnerability in op5 Monitor before 6.1.3 allows attackers to read arbitrary files via unknown vectors related to lack of authorization.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
op5 monitor 5.5.1
op5 monitor 5.7.1
op5 monitor 5.3.5
op5 monitor 6.0.0
op5 monitor *
op5 monitor 6.1.2
op5 monitor 6.0.3
op5 monitor 6.0.6
op5 monitor 5.8.1
op5 monitor 6.0.7
op5 monitor 6.1.0
op5 monitor 5.5.0
op5 monitor 5.7.4
op5 monitor 5.7.0
op5 monitor 5.4.0
op5 monitor 5.5.3.1
op5 monitor 5.8.0
op5 monitor 5.7.3.1
op5 monitor 5.6.1
op5 monitor 5.7.3
op5 monitor 5.7.3.3
op5 monitor 6.0.4
op5 monitor 5.5.3
op5 monitor 5.6.2.2
op5 monitor 6.1.1
op5 monitor 5.4.2
op5 monitor 5.6.0
CVE-2014-4907 MEDIUM

Cross-site scripting (XSS) vulnerability in share/pnp/application/views/kohana_error_page.php in PNP4Nagios before 0.6.22 allows remote attackers to inject arbitrary web script or HTML via a parameter that is not properly handled in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
pnp4nagios pnp4nagios 0.6.14
pnp4nagios pnp4nagios 0.6.19
pnp4nagios pnp4nagios 0.6.4
pnp4nagios pnp4nagios 0.6.7
pnp4nagios pnp4nagios 0.6.11
pnp4nagios pnp4nagios 0.6.1
pnp4nagios pnp4nagios *
pnp4nagios pnp4nagios 0.6.20
pnp4nagios pnp4nagios 0.6.12
pnp4nagios pnp4nagios 0.6.0
pnp4nagios pnp4nagios 0.6.3
pnp4nagios pnp4nagios 0.6.6
pnp4nagios pnp4nagios 0.6.15
pnp4nagios pnp4nagios 0.6.5
pnp4nagios pnp4nagios 0.6.10
pnp4nagios pnp4nagios 0.6.13
pnp4nagios pnp4nagios 0.6.18
pnp4nagios pnp4nagios 0.6.17
op5 monitor 6.3.0
pnp4nagios pnp4nagios 0.6.2
pnp4nagios pnp4nagios 0.6.16
CVE-2021-40272

OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to Cross Site Scripting (XSS).

Products Affected

Vendor Product Version
op5 monitor *